Issues_June_3W #99

Merged
ashutosh.nehete merged 20 commits from Issues_June_3W into main 2025-07-01 10:25:44 +00:00
Showing only changes of commit 2a507bf7b0 - Show all commits

View File

@ -10,6 +10,7 @@ using Marco.Pms.Model.Projects;
using Marco.Pms.Model.Utilities;
using Marco.Pms.Model.ViewModels.Employee;
using Marco.Pms.Services.Hubs;
using Marco.Pms.Services.Service;
using MarcoBMS.Services.Helpers;
using MarcoBMS.Services.Service;
using Microsoft.AspNetCore.Authorization;
@ -35,10 +36,13 @@ namespace MarcoBMS.Services.Controllers
private readonly IConfiguration _configuration;
private readonly ILoggingService _logger;
private readonly IHubContext<MarcoHub> _signalR;
private readonly PermissionServices _permission;
private readonly Guid ViewAllEmployee;
private readonly Guid ViewEmployee;
public EmployeeController(UserManager<ApplicationUser> userManager, IEmailSender emailSender,
ApplicationDbContext context, EmployeeHelper employeeHelper, UserHelper userHelper, IConfiguration configuration, ILoggingService logger,
IHubContext<MarcoHub> signalR)
IHubContext<MarcoHub> signalR, PermissionServices permission)
{
_context = context;
_userManager = userManager;
@ -48,6 +52,9 @@ namespace MarcoBMS.Services.Controllers
_configuration = configuration;
_logger = logger;
_signalR = signalR;
_permission = permission;
ViewAllEmployee = Guid.Parse("60611762-7f8a-4fb5-b53f-b1139918796b");
ViewEmployee = Guid.Parse("b82d2b7e-0d52-45f3-997b-c008ea460e7f");
}
[HttpGet]
@ -93,18 +100,39 @@ namespace MarcoBMS.Services.Controllers
[Route("list/{projectid?}")]
public async Task<IActionResult> GetEmployeesByProject(Guid? projectid, [FromQuery] bool ShowInactive)
{
// Step 1: Validate incoming request model state
if (!ModelState.IsValid)
{
var errors = ModelState.Values
.SelectMany(v => v.Errors)
.Select(e => e.ErrorMessage)
.ToList();
_logger.LogWarning("Invalid request model in GetEmployeesByProject. Errors: {@Errors}", errors);
return BadRequest(ApiResponse<object>.ErrorResponse("Invalid data", errors, 400));
}
// Step 2: Get currently logged-in employee
var loggedInEmployee = await _userHelper.GetCurrentEmployeeAsync();
_logger.LogInfo("GetEmployeesByProject called by EmployeeId: {EmployeeId}, ProjectId: {ProjectId}, ShowInactive: {ShowInactive}",
loggedInEmployee.Id, projectid ?? Guid.Empty, ShowInactive);
// Step 3: Check permission (if project ID is not provided, user must have global view permission)
var hasViewAllEmployeePermission = await _permission.HasPermission(ViewAllEmployee, loggedInEmployee.Id);
if (projectid == null && !hasViewAllEmployeePermission)
{
_logger.LogWarning("Access denied. EmployeeId: {EmployeeId} tried to access employees without project filter", loggedInEmployee.Id);
return StatusCode(403, ApiResponse<object>.ErrorResponse("You don't have access", "You don't have access", 403));
}
// Step 4: Get employee list from helper based on project and visibility flag
var result = await _employeeHelper.GetEmployeeByProjectId(GetTenantId(), projectid, ShowInactive);
return Ok(ApiResponse<object>.SuccessResponse(result, "Filter applied.", 200));
_logger.LogInfo("Employees fetched successfully for ProjectId: {ProjectId} by EmployeeId: {EmployeeId}. Result Count: {Count}",
projectid ?? Guid.Empty, loggedInEmployee.Id, result.Count());
// Step 5: Return success response with employee data
return Ok(ApiResponse<object>.SuccessResponse(result, "Filter applied.", 200));
}
[HttpGet]